Add a new 'passwordeval' command and '--passwordeval' option.

This allows to set the password to the output of a command, e.g. 'gpg -d <file>'.
12 years ago · 84d8936f9f
9 changed files with 155 additions and 23 deletions
--- a/2
+++ b/2
@ -1,4 +1,6 @@
 Version 1.4.22:
+- Add a new passwordeval command and --passwordeval option, to set the password
+  from the output of a command. Written by Martin Stenberg.
 - A few documentation improvements, suggested by Andries E. Brouwer.

 Version 1.4.21:
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+Version 1.4.22:
+- A new command 'passwordeval' with a corresponding '--passwordeval' option
+  allows to set the password to the output of a command.
+
 Version 1.4.21:
 - No significant changes.

--- a/1
+++ b/1
@ -13,5 +13,6 @@ Thanks go to:
 - Jay Soffian for Mac OS X keychain support
 - Satoru SATOH for GNOME Keyring support
 - Gaizka Villate and Emmanuel Bouthenot for msmtp-gnome-tool.py
+- Martin Stenberg for passwordeval support

 - all senders of bug reports and problem descriptions
--- a/doc/msmtp.1
+++ b/doc/msmtp.1
@ -92,6 +92,9 @@ the \fBauth\fP command below.
 .IP "\-\-user=\fI[username]\fP"
 Set or unset the user name for authentication. See the \fBuser\fP command
 below.
+.IP "\-\-passwordeval=\fI[eval]\fP"
+Set your password for SMTP authentication to the output (stdout) of the
+execution of \fIeval\fP.
 .IP "\-\-tls[=(\fIon\fP|\fIoff\fP)]"
 Enable or disable TLS/SSL encryption. See the \fBtls\fP command below.
 .IP "\-\-tls\-starttls[=(\fIon\fP|\fIoff\fP)]"
@ -341,6 +344,9 @@ find it in ~/.netrc. If that fails, it will try to find it in SYSCONFDIR/netrc
 fails, it will try to get it from a system specific keychain (if available). If
 that fails but a controlling terminal is available, msmtp will prompt you for
 it.
+.IP "passwordeval [\fIeval\fP]"
+Set your password for SMTP authentication to the output (stdout) of the
+execution of \fIeval\fP.
 .IP "ntlmdomain [\fIdomain\fP]"
 Set a domain for the \fIntlm\fP authentication method. The default is to use no
 domain (equivalent to an empty argument), but some servers seem to require one,
@ -527,7 +533,7 @@ auth on
 .br
 user 123456789
 .br
-password my_password
+passwordeval gpg -d ~/.msmtp.password.gpg
 .br

 .br
--- a/doc/msmtp.texi
+++ b/doc/msmtp.texi
@ -223,7 +223,11 @@ find it in @code{~/.netrc}. If that fails, it will try to find it in
 is on your platform). If that fails, it will try to get it from a system 
 specific keyring (if available). If that fails but a controlling terminal is
 available, msmtp will prompt you for it.
-@xref{Authentication}.
+@anchor{passwordeval}
+@item passwordeval [@var{eval}]
+@cmindex passwordeval
+Set your password for SMTP authentication to the output (stdout) of the
+execution of @var{eval}.
@anchor{ntlmdomain}
@item ntlmdomain [@var{ntlmdomain}]
@cmindex ntlmdomain
@ -523,6 +527,10 @@ Enable or disable authentication and optionally choose the method. @xref{auth}.
@itemx --user=[@var{username}]
@opindex --user
 Set or unset the user name for authentication. @xref{user}.
+@anchor{--passwordeval}
+@itemx --passwordeval=[@var{eval}]
+@opindex --passwordeval
+Evaluate password for authentication. @xref{passwordeval}.
@itemx --tls[=(on|off)]
@opindex --tls
 Enable or disable TLS/SSL. @xref{tls}.
@ -1119,7 +1127,7 @@ host mail.provider.example
 from smithjoe@@provider.example
 auth on
 user 123
-password pwd
+passwordeval gpg -d ~/.msmtp.password.gpg

 # Set a default account
 account default : provider
--- a/doc/msmtprc-user.example
+++ b/doc/msmtprc-user.example
@ -24,7 +24,7 @@ host mail.provider.example
 from smithjoe@provider.example
 auth on
 user 123456789
-password my_password
+passwordeval gpg -d ~/.msmtp.password.gpg

 # Set a default account
 account default : provider
--- a/src/conf.c
+++ b/src/conf.c
@ -5,6 +5,7 @@
 *
 * Copyright (C) 2000, 2003, 2004, 2005, 2006, 2007, 2008, 2010
 * Martin Lambers <marlam@marlam.de>
+ * Martin Stenberg <martin@gnutiken.se> (passwordeval support)
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -24,6 +25,7 @@
 # include "config.h"
 #endif

+#include <unistd.h>
 #include <stdlib.h>
 #include <limits.h>
 #include <stdio.h>
@ -713,6 +715,63 @@ int check_account(account_t *acc, int sendmail_mode, char **errstr)
 }


+/*
+ * get_password_eval()
+ *
+ * see conf.h
+ */
+
+int get_password_eval(const char *arg, char **buf, char **errstr)
+{
+    FILE *eval;
+    size_t l;
+
+    *buf = NULL;
+    *errstr = NULL;
+    errno = 0;
+
+    if (!(eval = popen(arg, "r")))
+    {
+        if (errno == 0)
+        {
+            errno = ENOMEM;
+        }
+        *errstr = xasprintf("cannot evaluate '%s': %s", arg, strerror(errno));
+        return CONF_EIO;
+    }
+
+    *buf = xmalloc(LINEBUFSIZE);
+    if (!fgets(*buf, LINEBUFSIZE, eval))
+    {
+        *errstr = xasprintf("cannot read output of '%s'", arg);
+        pclose(eval);
+        free(*buf);
+        *buf = NULL;
+        return CONF_EIO;
+    }
+    pclose(eval);
+
+    l = strlen(*buf);
+    if (l > 0)
+    {
+        if ((*buf)[l - 1] != '\n')
+        {
+            *errstr = xasprintf("output of '%s' is longer than %d characters, "
+                    "or is not terminated by newline", arg, LINEBUFSIZE - 1);
+            free(*buf);
+            *buf = NULL;
+            return CONF_EIO;
+        }
+        else
+        {
+            (*buf)[l - 1] = '\0';
+        }
+    }
+
+    return CONF_EOK;
+}
+
+
 /*
 * some small helper functions
 */
@ -1221,6 +1280,24 @@ int read_conffile(const char *conffile, FILE *f, list_t **acc_list,
            free(acc->password);
            acc->password = (*arg == '\0') ? NULL : xstrdup(arg);
        }
+        else if (strcmp(cmd, "passwordeval") == 0)
+        {
+            acc->mask |= ACC_PASSWORD;
+            free(acc->password);
+            if ((e = get_password_eval(arg, &t, errstr)) == CONF_EOK)
+            {
+                acc->password = (*t == '\0') ? NULL : xstrdup(t);
+                free(t);
+            }
+            else
+            {
+                acc->password = NULL;
+                t = xasprintf(_("line %d: %s"), line, *errstr);
+                free(*errstr);
+                *errstr = t;
+                break;
+            }
+        }
        else if (strcmp(cmd, "ntlmdomain") == 0)
        {
            acc->mask |= ACC_NTLMDOMAIN;
--- a/src/conf.h
+++ b/src/conf.h
@ -5,6 +5,7 @@
 *
 * Copyright (C) 2000, 2003, 2004, 2005, 2006, 2007, 2008, 2010
 * Martin Lambers <marlam@marlam.de>
+ * Martin Stenberg <martin@gnutiken.se> (passwordeval support)
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -244,6 +245,15 @@ void override_account(account_t *acc1, account_t *acc2);
 */
 int check_account(account_t *acc, int sendmail_mode, char **errstr);

+/*
+ * get_password_eval()
+ *
+ * Evaluates command in 'arg' and stores result in 'buf' (which is allocated).
+ * Returns CONF_EIO if command exectution failed, otherwise CONF_EOK. On error,
+ * *errstr will contain an error string.
+ */
+int get_password_eval(const char *arg, char **buf, char **errstr);
+
 /*
 * get_conf()
 *
--- a/src/msmtp.c
+++ b/src/msmtp.c
@ -7,6 +7,7 @@
 * Martin Lambers <marlam@marlam.de>
 * Jay Soffian <jaysoffian@gmail.com> (Mac OS X keychain support)
 * Satoru SATOH <satoru.satoh@gmail.com> (GNOME keyring support)
+ * Martin Stenberg <martin@gnutiken.se> (passwordeval support)
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
@ -2365,6 +2366,8 @@ void msmtp_print_help(void)
            "                               choose the method.\n"
            "  --user=[username]            Set/unset user name for "
                "authentication.\n"
+            "  --passwordeval=[eval]        Evaluate password for "
+                "authentication.\n"
            "  --tls[=(on|off)]             Enable/disable TLS encryption.\n"
            "  --tls-starttls[=(on|off)]    Enable/disable STARTTLS for TLS.\n"
            "  --tls-trust-file=[file]      Set/unset trust file for TLS.\n"
@ -2447,25 +2450,26 @@ typedef struct
 #define LONGONLYOPT_TIMEOUT                     4
 #define LONGONLYOPT_AUTH                        5
 #define LONGONLYOPT_USER                        6
-#define LONGONLYOPT_TLS                         7
-#define LONGONLYOPT_TLS_STARTTLS                8
-#define LONGONLYOPT_TLS_TRUST_FILE              9
-#define LONGONLYOPT_TLS_CRL_FILE                10
-#define LONGONLYOPT_TLS_FINGERPRINT             11
-#define LONGONLYOPT_TLS_KEY_FILE                12
-#define LONGONLYOPT_TLS_CERT_FILE               13
-#define LONGONLYOPT_TLS_CERTCHECK               14
-#define LONGONLYOPT_TLS_FORCE_SSLV3             15
-#define LONGONLYOPT_TLS_MIN_DH_PRIME_BITS       16
-#define LONGONLYOPT_TLS_PRIORITIES              17
-#define LONGONLYOPT_PROTOCOL                    18
-#define LONGONLYOPT_DOMAIN                      19
-#define LONGONLYOPT_KEEPBCC                     20
-#define LONGONLYOPT_RMQS                        21
-#define LONGONLYOPT_SYSLOG                      22
-#define LONGONLYOPT_MAILDOMAIN                  23
-#define LONGONLYOPT_AUTO_FROM                   24
-#define LONGONLYOPT_READ_ENVELOPE_FROM          25
+#define LONGONLYOPT_PASSWORDEVAL                7
+#define LONGONLYOPT_TLS                         8
+#define LONGONLYOPT_TLS_STARTTLS                9
+#define LONGONLYOPT_TLS_TRUST_FILE              10
+#define LONGONLYOPT_TLS_CRL_FILE                11
+#define LONGONLYOPT_TLS_FINGERPRINT             12
+#define LONGONLYOPT_TLS_KEY_FILE                13
+#define LONGONLYOPT_TLS_CERT_FILE               14
+#define LONGONLYOPT_TLS_CERTCHECK               15
+#define LONGONLYOPT_TLS_FORCE_SSLV3             16
+#define LONGONLYOPT_TLS_MIN_DH_PRIME_BITS       17
+#define LONGONLYOPT_TLS_PRIORITIES              18
+#define LONGONLYOPT_PROTOCOL                    19
+#define LONGONLYOPT_DOMAIN                      20
+#define LONGONLYOPT_KEEPBCC                     21
+#define LONGONLYOPT_RMQS                        22
+#define LONGONLYOPT_SYSLOG                      23
+#define LONGONLYOPT_MAILDOMAIN                  24
+#define LONGONLYOPT_AUTO_FROM                   25
+#define LONGONLYOPT_READ_ENVELOPE_FROM          26

 int msmtp_cmdline(msmtp_cmdline_conf_t *conf, int argc, char *argv[])
 {
@ -2492,6 +2496,7 @@ int msmtp_cmdline(msmtp_cmdline_conf_t *conf, int argc, char *argv[])
            LONGONLYOPT_MAILDOMAIN },
        { "auth",                  optional_argument, 0, LONGONLYOPT_AUTH },
        { "user",                  required_argument, 0, LONGONLYOPT_USER },
+        { "passwordeval",          optional_argument, 0, LONGONLYOPT_PASSWORDEVAL },
        { "tls",                   optional_argument, 0, LONGONLYOPT_TLS },
        { "tls-starttls",          optional_argument, 0,
            LONGONLYOPT_TLS_STARTTLS },
@ -2530,6 +2535,8 @@ int msmtp_cmdline(msmtp_cmdline_conf_t *conf, int argc, char *argv[])
    int error_code;
    int c;
    int i;
+    char *pw;
+    char *errstr;
    list_t *lp;

    /* the program name */
@ -2758,6 +2765,23 @@ int msmtp_cmdline(msmtp_cmdline_conf_t *conf, int argc, char *argv[])
                conf->cmdline_account->mask |= ACC_USERNAME;
                break;

+            case LONGONLYOPT_PASSWORDEVAL:
+                free(conf->cmdline_account->password);
+                if (get_password_eval(optarg, &pw, &errstr) == CONF_EOK)
+                {
+                    conf->cmdline_account->password =
+                        (*pw == '\0') ? NULL : xstrdup(pw);
+                    free(pw);
+                }
+                else
+                {
+                    conf->cmdline_account->password = NULL;
+                    print_error("%s", errstr);
+                    error_code = 1;
+                }
+                conf->cmdline_account->mask |= ACC_PASSWORD;
+                break;
+
            case LONGONLYOPT_TLS:
                if (!optarg || is_on(optarg))
                {